summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
938c57d)
Commands which return a file descriptor (i.e. RUN_AS_OPEN) attempt
to send the resulting file descriptor even on failure. However,
this is not permitted by the UNIX socket interface.
As a result, skip the reception of the file descriptor payload
when a command fails. The 'master' end is also adapted to skip
the reception of the file descriptor in the case of an error.
A check has also been added to ensure that the 'master' end does
not attempt to send invalid file descriptors to the worker process.
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
ssize_t len;
if (fd < 0) {
ssize_t len;
if (fd < 0) {
- ERR("Invalid file description");
+ ERR("Attempt to send invalid file descriptor to master (fd = %i)", fd);
+ /* Return 0 as this is not a fatal error. */
- if (*fd < 0) {
- ERR("Invalid file description");
- return 0;
- }
-
len = lttcomm_recv_fds_unix_sock(sock, fd, 1);
if (!len) {
len = lttcomm_recv_fds_unix_sock(sock, fd, 1);
if (!len) {
PERROR("lttcomm_recv_fds_unix_sock");
return -1;
}
PERROR("lttcomm_recv_fds_unix_sock");
return -1;
}
+ if (*fd < 0) {
+ ERR("Invalid file descriptor received from worker (fd = %i)", *fd);
+ /* Return 0 as this is not a fatal error. */
+ return 0;
+ }
+
+ if (fd < 0) {
+ ERR("Refusing to send invalid fd to worker (fd = %i)", fd);
+ return -1;
+ }
+
ret = do_send_fd(worker->sockpair[0], fd);
if (ret < 0) {
PERROR("do_send_fd");
ret = do_send_fd(worker->sockpair[0], fd);
if (ret < 0) {
PERROR("do_send_fd");
+ if (fd < 0) {
+ DBG("Not sending file descriptor to master as it is invalid (fd = %i)", fd);
+ return 0;
+ }
ret = do_send_fd(worker->sockpair[1], fd);
if (ret < 0) {
PERROR("do_send_fd error");
ret = -1;
}
ret = do_send_fd(worker->sockpair[1], fd);
if (ret < 0) {
PERROR("do_send_fd error");
ret = -1;
}
- if (fd < 0) {
- goto end;
- }
ret_close = close(fd);
if (ret_close < 0) {
PERROR("close");
}
ret_close = close(fd);
if (ret_close < 0) {
PERROR("close");
}
+ if (ret_value->_error) {
+ /* Skip stage 5 on error as there will be no fd to receive. */
+ goto end;
+ }
+
/*
* Stage 5: Receive file descriptor if needed
*/
/*
* Stage 5: Receive file descriptor if needed
*/